﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using GalleryCommon;

namespace GalleryDataProvider
{
    public static class UserDataProvider
    {
        private static readonly SqlConnection myConnection = ConnectionProvider.Connection;

        public static bool AddNewUser(string email, string userName, byte[] hashedPassword)
        {
            bool result = true;
            int count = -1;

            SqlCommand command = new SqlCommand("select count(UserID) from Users where Email = @Email", myConnection);
            command.Parameters.AddWithValue("Email", email);

            try
            {
                SqlDataReader reader = command.ExecuteReader();

                while (reader.Read())
                {
                    count = reader.GetInt32(0);
                }
                reader.Close();
            }
            catch (SqlException)
            {
                result = false;
            }

            if (count == 0)
            {
                command = new SqlCommand("insert into Users (Name, Email, Password) values (@Name, @Email, @Password)", myConnection);
                command.Parameters.AddWithValue("Name", userName);
                command.Parameters.AddWithValue("Email", email);
                command.Parameters.AddWithValue("Password", hashedPassword);

                try
                {
                    command.ExecuteNonQuery();
                }
                catch (SqlException)
                {
                    result = false;
                }
                return result;
            }

            return false;

        }

        public static bool CheckUser(string email, byte[] hashedPassword, out User user)
        {
            bool result = true;
            user = new User();
            user.Username = string.Empty;

            SqlCommand command = new SqlCommand("select UserID,Name from Users where Email LIKE @Email AND Password = @Password", myConnection);
            command.Parameters.AddWithValue("Email", email);
            command.Parameters.AddWithValue("Password", hashedPassword);
            SqlDataReader reader = null;
            try
            {
                 reader = command.ExecuteReader();

                if (reader.HasRows)
                {
                    while (reader.Read())
                    {
                        user.Username = reader.GetString(1);
                        user.UserID = reader.GetInt64(0);
                    }

                }
                else
                {
                    result = false;
                    reader.Close();
                }
                
            }
            catch (SqlException)
            {
                result = false;
                reader.Close();
            }
            finally
            {
                if (reader != null)
                {
                    reader.Close();
                }
            }
            reader.Close();
            return result;
        }
    }
}
